ibizdev提交

config.xml

@@ -38,6 +38,11 @@
 	  git clone -b master $para2 ibzwf/
       export NODE_OPTIONS=--max-old-space-size=4096
       cd ibzwf/
+      mvn clean package -Papi
+      cd ibzwf-provider/ibzwf-provider-api
+      mvn -Papi docker:build
+      mvn -Papi docker:push
+      docker -H $para1 stack deploy --compose-file=src/main/docker/ibzwf-provider-api.yaml dev --with-registry-auth      
       </command>
     </hudson.tasks.Shell>
   </builders>

ibzwf-app/ibzwf-app-web/src/main/resources/application-web-prod.yml

@@ -24,5 +24,9 @@ zuul:
       path: /wfsystems/**
       serviceId: ibzwf-api
       stripPrefix: false
+    wfcore:
+      path: /wfcore/**
+      serviceId: ibzwf-api
+      stripPrefix: false
   sensitive-headers:
     - Cookie,Set-Cookie,Authorization

ibzwf-boot/src/main/resources/application-dev.yml

 server:
-  port: 8080
+  port: 40003
\ No newline at end of file
+

ibzwf-core/src/main/resources/deprivs/DEPrivs.json

@@ -2,45 +2,40 @@
     {
     "predefineddatarange":[{"id":"ALL","name":"全部数据"},{"id":"CURORG","name":"当前单位"},{"id":"PORG","name":"上级单位"},{"id":"SORG","name":"下级单位"},{"id":"CURORGDEPT","name":"当前部门"},{"id":"PORGDEPT","name":"上级部门"},{"id":"SORGDEPT","name":"下级部门"}],
     "entities":[
-
     {
     "dename":"WFMember",
     "delogicname":"成员",
     "sysmoudle":{"id":"WORKFLOW","name":"workflow"},
-    "dedataset":[{"id":"Default","name":"默认数据集"}],
-    "deaction":[{"id":"CREATE","name":"新建","type":"BUILTIN"},{"id":"UPDATE","name":"编辑","type":"BUILTIN"},{"id":"READ","name":"读取","type":"BUILTIN"},{"id":"DELETE","name":"删除","type":"BUILTIN"},{"id":"CUSTOM","name":"自定义行为","type":"USERCUSTOM"}]
+    "dedataset":[{"id":"Default" , "name":"DEFAULT"}],
+    "deaction":[{"id":"CheckKey" , "name":"CheckKey" , "type":"BUILTIN" },{"id":"GetDraft" , "name":"GetDraft" , "type":"BUILTIN" },{"id":"Create" , "name":"Create" , "type":"BUILTIN" },{"id":"Remove" , "name":"Remove" , "type":"BUILTIN" },{"id":"Save" , "name":"Save" , "type":"BUILTIN" },{"id":"Update" , "name":"Update" , "type":"BUILTIN" },{"id":"Get" , "name":"Get" , "type":"BUILTIN" }]
      }
-    ,
-    {
+    ,    {
     "dename":"WFGroup",
     "delogicname":"角色/用户组",
     "sysmoudle":{"id":"WORKFLOW","name":"workflow"},
-    "dedataset":[{"id":"Default","name":"默认数据集"}],
-    "deaction":[{"id":"CREATE","name":"新建","type":"BUILTIN"},{"id":"UPDATE","name":"编辑","type":"BUILTIN"},{"id":"READ","name":"读取","type":"BUILTIN"},{"id":"DELETE","name":"删除","type":"BUILTIN"},{"id":"CUSTOM","name":"自定义行为","type":"USERCUSTOM"}]
+    "dedataset":[{"id":"Default" , "name":"DEFAULT"}],
+    "deaction":[{"id":"Save" , "name":"Save" , "type":"BUILTIN" },{"id":"Update" , "name":"Update" , "type":"BUILTIN" },{"id":"GetDraft" , "name":"GetDraft" , "type":"BUILTIN" },{"id":"CheckKey" , "name":"CheckKey" , "type":"BUILTIN" },{"id":"Create" , "name":"Create" , "type":"BUILTIN" },{"id":"Remove" , "name":"Remove" , "type":"BUILTIN" },{"id":"Get" , "name":"Get" , "type":"BUILTIN" }]
      }
-    ,
-    {
+    ,    {
     "dename":"WFUser",
     "delogicname":"用户",
     "sysmoudle":{"id":"WORKFLOW","name":"workflow"},
-    "dedataset":[{"id":"Default","name":"默认数据集"}],
-    "deaction":[{"id":"CREATE","name":"新建","type":"BUILTIN"},{"id":"UPDATE","name":"编辑","type":"BUILTIN"},{"id":"READ","name":"读取","type":"BUILTIN"},{"id":"DELETE","name":"删除","type":"BUILTIN"},{"id":"CUSTOM","name":"自定义行为","type":"USERCUSTOM"}]
+    "dedataset":[{"id":"Default" , "name":"DEFAULT"}],
+    "deaction":[{"id":"Remove" , "name":"Remove" , "type":"BUILTIN" },{"id":"GetDraft" , "name":"GetDraft" , "type":"BUILTIN" },{"id":"Save" , "name":"Save" , "type":"BUILTIN" },{"id":"Update" , "name":"Update" , "type":"BUILTIN" },{"id":"Get" , "name":"Get" , "type":"BUILTIN" },{"id":"Create" , "name":"Create" , "type":"BUILTIN" },{"id":"CheckKey" , "name":"CheckKey" , "type":"BUILTIN" }]
      }
-    ,
-    {
+    ,    {
     "dename":"WFProcessDefinition",
     "delogicname":"流程定义",
     "sysmoudle":{"id":"WORKFLOW","name":"workflow"},
-    "dedataset":[{"id":"Default","name":"默认数据集"}],
-    "deaction":[{"id":"CREATE","name":"新建","type":"BUILTIN"},{"id":"UPDATE","name":"编辑","type":"BUILTIN"},{"id":"READ","name":"读取","type":"BUILTIN"},{"id":"DELETE","name":"删除","type":"BUILTIN"},{"id":"CUSTOM","name":"自定义行为","type":"USERCUSTOM"}]
+    "dedataset":[{"id":"Default" , "name":"DEFAULT"}],
+    "deaction":[{"id":"Save" , "name":"Save" , "type":"BUILTIN" },{"id":"Update" , "name":"Update" , "type":"BUILTIN" },{"id":"Get" , "name":"Get" , "type":"BUILTIN" },{"id":"CheckKey" , "name":"CheckKey" , "type":"BUILTIN" },{"id":"GetDraft" , "name":"GetDraft" , "type":"BUILTIN" },{"id":"Create" , "name":"Create" , "type":"BUILTIN" },{"id":"Remove" , "name":"Remove" , "type":"BUILTIN" }]
      }
-    ,
-    {
+    ,    {
     "dename":"WFSystem",
     "delogicname":"系统",
     "sysmoudle":{"id":"WORKFLOW","name":"workflow"},
-    "dedataset":[{"id":"Default","name":"默认数据集"}],
-    "deaction":[{"id":"CREATE","name":"新建","type":"BUILTIN"},{"id":"UPDATE","name":"编辑","type":"BUILTIN"},{"id":"READ","name":"读取","type":"BUILTIN"},{"id":"DELETE","name":"删除","type":"BUILTIN"},{"id":"CUSTOM","name":"自定义行为","type":"USERCUSTOM"}]
+    "dedataset":[{"id":"Default" , "name":"DEFAULT"}],
+    "deaction":[{"id":"Remove" , "name":"Remove" , "type":"BUILTIN" },{"id":"Update" , "name":"Update" , "type":"BUILTIN" },{"id":"GetDraft" , "name":"GetDraft" , "type":"BUILTIN" },{"id":"Save" , "name":"Save" , "type":"BUILTIN" },{"id":"Create" , "name":"Create" , "type":"BUILTIN" },{"id":"CheckKey" , "name":"CheckKey" , "type":"BUILTIN" },{"id":"Get" , "name":"Get" , "type":"BUILTIN" }]
      }
     ]
 

ibzwf-provider/ibzwf-provider-api/src/main/docker/Dockerfile

@@ -9,6 +9,6 @@ CMD echo "The application will start in ${IBZ_SLEEP}s..." && \
     sleep ${IBZ_SLEEP} && \
     java ${JAVA_OPTS} -Djava.security.egd=file:/dev/./urandom -jar /ibzwf-provider-api.jar
 
-EXPOSE 8081
+EXPOSE 40003
 
 ADD ibzwf-provider-api.jar /ibzwf-provider-api.jar

ibzwf-provider/ibzwf-provider-api/src/main/docker/ibzwf-provider-api.yaml

@@ -3,7 +3,7 @@ services:
   ibzwf-provider-api:
     image: registry.cn-shanghai.aliyuncs.com/ibizsys/ibzwf-provider-api:latest
     ports:
-      - "8081:8081"
+      - "40003:40003"
     networks:
       - agent_network
     deploy:

ibzwf-provider/ibzwf-provider-api/src/main/java/cn/ibizlab/api/rest/WFGroupResource.java

@@ -71,7 +71,7 @@ public class WFGroupResource {
 
 
 
-    @PreAuthorize("hasPermission(#wfgroup_id,'UPDATE',this.getEntity())")
+    @PreAuthorize("hasPermission(#wfgroup_id,'Update',this.getEntity())")
     @ApiOperation(value = "Update", tags = {"WFGroup" },  notes = "Update")
 	@RequestMapping(method = RequestMethod.PUT, value = "/wfgroups/{wfgroup_id}")
     @Transactional
@@ -83,7 +83,7 @@ public class WFGroupResource {
         return ResponseEntity.status(HttpStatus.OK).body(dto);
     }
 
-    @PreAuthorize("hasPermission(#wfgroup_id,'UPDATE',this.getEntity())")
+    @PreAuthorize("hasPermission(#wfgroup_id,'Update',this.getEntity())")
     @ApiOperation(value = "UpdateBatch", tags = {"UpdateBatch" },  notes = "UpdateBatch")
 	@RequestMapping(method = RequestMethod.POST, value = "/wfgroups/updatebatch")
     public ResponseEntity<Boolean> updateBatch(@RequestBody List<WFGroupDTO> wfgroupdtos) {
@@ -112,7 +112,7 @@ public class WFGroupResource {
 
 
 
-    @PreAuthorize("hasPermission('','CREATE',this.getEntity())")
+    @PreAuthorize("hasPermission('','Create',this.getEntity())")
     @ApiOperation(value = "Create", tags = {"WFGroup" },  notes = "Create")
 	@RequestMapping(method = RequestMethod.POST, value = "/wfgroups")
     @Transactional
@@ -123,7 +123,7 @@ public class WFGroupResource {
 		return ResponseEntity.status(HttpStatus.OK).body(dto);
     }
 
-    @PreAuthorize("hasPermission('','CREATE',this.getEntity())")
+    @PreAuthorize("hasPermission('','Create',this.getEntity())")
     @ApiOperation(value = "createBatch", tags = {"createBatch" },  notes = "createBatch")
 	@RequestMapping(method = RequestMethod.POST, value = "/wfgroups/createbatch")
     public ResponseEntity<Boolean> createBatch(@RequestBody List<WFGroupDTO> wfgroupdtos) {
@@ -134,7 +134,7 @@ public class WFGroupResource {
 
 
 
-    @PreAuthorize("hasPermission('DELETE',{#wfgroup_id,this.getEntity()})")
+    @PreAuthorize("hasPermission('Remove',{#wfgroup_id,this.getEntity()})")
     @ApiOperation(value = "Remove", tags = {"WFGroup" },  notes = "Remove")
 	@RequestMapping(method = RequestMethod.DELETE, value = "/wfgroups/{wfgroup_id}")
     @Transactional
@@ -152,7 +152,7 @@ public class WFGroupResource {
 
 
 
-    @PreAuthorize("hasPermission(#wfgroup_id,'READ',this.getEntity())")
+    @PreAuthorize("hasPermission(#wfgroup_id,'Get',this.getEntity())")
     @ApiOperation(value = "Get", tags = {"WFGroup" },  notes = "Get")
 	@RequestMapping(method = RequestMethod.GET, value = "/wfgroups/{wfgroup_id}")
     public ResponseEntity<WFGroupDTO> get(@PathVariable("wfgroup_id") String wfgroup_id) {
@@ -161,7 +161,7 @@ public class WFGroupResource {
         return ResponseEntity.status(HttpStatus.OK).body(dto);
     }
 
-    @PreAuthorize("hasPermission('READ',{#context,'Default',this.getEntity()})")
+    @PreAuthorize("hasPermission('Get',{#context,'Default',this.getEntity()})")
 	@ApiOperation(value = "fetchDEFAULT", tags = {"WFGroup" } ,notes = "fetchDEFAULT")
     @RequestMapping(method= RequestMethod.GET , value="/wfgroups/fetchdefault")
 	public ResponseEntity<List<WFGroupDTO>> fetchDefault(WFGroupSearchContext context) {
@@ -174,7 +174,7 @@ public class WFGroupResource {
                 .body(list);
 	}
 
-    @PreAuthorize("hasPermission('READ',{#context,'Default',this.getEntity()})")
+    @PreAuthorize("hasPermission('Get',{#context,'Default',this.getEntity()})")
 	@ApiOperation(value = "searchDEFAULT", tags = {"WFGroup" } ,notes = "searchDEFAULT")
     @RequestMapping(method= RequestMethod.GET , value="/wfgroups/searchdefault")
 	public ResponseEntity<Page<WFGroupDTO>> searchDefault(WFGroupSearchContext context) {

ibzwf-provider/ibzwf-provider-api/src/main/java/cn/ibizlab/api/rest/WFMemberResource.java

@@ -73,7 +73,7 @@ public class WFMemberResource {
 
 
 
-    @PreAuthorize("hasPermission('','CREATE',this.getEntity())")
+    @PreAuthorize("hasPermission('','Create',this.getEntity())")
     @ApiOperation(value = "Create", tags = {"WFMember" },  notes = "Create")
 	@RequestMapping(method = RequestMethod.POST, value = "/wfmembers")
     @Transactional
@@ -84,7 +84,7 @@ public class WFMemberResource {
 		return ResponseEntity.status(HttpStatus.OK).body(dto);
     }
 
-    @PreAuthorize("hasPermission('','CREATE',this.getEntity())")
+    @PreAuthorize("hasPermission('','Create',this.getEntity())")
     @ApiOperation(value = "createBatch", tags = {"createBatch" },  notes = "createBatch")
 	@RequestMapping(method = RequestMethod.POST, value = "/wfmembers/createbatch")
     public ResponseEntity<Boolean> createBatch(@RequestBody List<WFMemberDTO> wfmemberdtos) {
@@ -95,7 +95,7 @@ public class WFMemberResource {
 
 
 
-    @PreAuthorize("hasPermission('DELETE',{#wfmember_id,this.getEntity()})")
+    @PreAuthorize("hasPermission('Remove',{#wfmember_id,this.getEntity()})")
     @ApiOperation(value = "Remove", tags = {"WFMember" },  notes = "Remove")
 	@RequestMapping(method = RequestMethod.DELETE, value = "/wfmembers/{wfmember_id}")
     @Transactional
@@ -129,7 +129,7 @@ public class WFMemberResource {
 
 
 
-    @PreAuthorize("hasPermission(#wfmember_id,'UPDATE',this.getEntity())")
+    @PreAuthorize("hasPermission(#wfmember_id,'Update',this.getEntity())")
     @ApiOperation(value = "Update", tags = {"WFMember" },  notes = "Update")
 	@RequestMapping(method = RequestMethod.PUT, value = "/wfmembers/{wfmember_id}")
     @Transactional
@@ -141,7 +141,7 @@ public class WFMemberResource {
         return ResponseEntity.status(HttpStatus.OK).body(dto);
     }
 
-    @PreAuthorize("hasPermission(#wfmember_id,'UPDATE',this.getEntity())")
+    @PreAuthorize("hasPermission(#wfmember_id,'Update',this.getEntity())")
     @ApiOperation(value = "UpdateBatch", tags = {"UpdateBatch" },  notes = "UpdateBatch")
 	@RequestMapping(method = RequestMethod.POST, value = "/wfmembers/updatebatch")
     public ResponseEntity<Boolean> updateBatch(@RequestBody List<WFMemberDTO> wfmemberdtos) {
@@ -152,7 +152,7 @@ public class WFMemberResource {
 
 
 
-    @PreAuthorize("hasPermission(#wfmember_id,'READ',this.getEntity())")
+    @PreAuthorize("hasPermission(#wfmember_id,'Get',this.getEntity())")
     @ApiOperation(value = "Get", tags = {"WFMember" },  notes = "Get")
 	@RequestMapping(method = RequestMethod.GET, value = "/wfmembers/{wfmember_id}")
     public ResponseEntity<WFMemberDTO> get(@PathVariable("wfmember_id") String wfmember_id) {
@@ -161,7 +161,7 @@ public class WFMemberResource {
         return ResponseEntity.status(HttpStatus.OK).body(dto);
     }
 
-    @PreAuthorize("hasPermission('READ',{#context,'Default',this.getEntity()})")
+    @PreAuthorize("hasPermission('Get',{#context,'Default',this.getEntity()})")
 	@ApiOperation(value = "fetchDEFAULT", tags = {"WFMember" } ,notes = "fetchDEFAULT")
     @RequestMapping(method= RequestMethod.GET , value="/wfmembers/fetchdefault")
 	public ResponseEntity<List<WFMemberDTO>> fetchDefault(WFMemberSearchContext context) {
@@ -174,7 +174,7 @@ public class WFMemberResource {
                 .body(list);
 	}
 
-    @PreAuthorize("hasPermission('READ',{#context,'Default',this.getEntity()})")
+    @PreAuthorize("hasPermission('Get',{#context,'Default',this.getEntity()})")
 	@ApiOperation(value = "searchDEFAULT", tags = {"WFMember" } ,notes = "searchDEFAULT")
     @RequestMapping(method= RequestMethod.GET , value="/wfmembers/searchdefault")
 	public ResponseEntity<Page<WFMemberDTO>> searchDefault(WFMemberSearchContext context) {

ibzwf-provider/ibzwf-provider-api/src/main/java/cn/ibizlab/api/rest/WFProcessDefinitionResource.java

@@ -71,7 +71,7 @@ public class WFProcessDefinitionResource {
 
 
 
-    @PreAuthorize("hasPermission(#wfprocessdefinition_id,'UPDATE',this.getEntity())")
+    @PreAuthorize("hasPermission(#wfprocessdefinition_id,'Update',this.getEntity())")
     @ApiOperation(value = "Update", tags = {"WFProcessDefinition" },  notes = "Update")
 	@RequestMapping(method = RequestMethod.PUT, value = "/wfprocessdefinitions/{wfprocessdefinition_id}")
     @Transactional
@@ -83,7 +83,7 @@ public class WFProcessDefinitionResource {
         return ResponseEntity.status(HttpStatus.OK).body(dto);
     }
 
-    @PreAuthorize("hasPermission(#wfprocessdefinition_id,'UPDATE',this.getEntity())")
+    @PreAuthorize("hasPermission(#wfprocessdefinition_id,'Update',this.getEntity())")
     @ApiOperation(value = "UpdateBatch", tags = {"UpdateBatch" },  notes = "UpdateBatch")
 	@RequestMapping(method = RequestMethod.POST, value = "/wfprocessdefinitions/updatebatch")
     public ResponseEntity<Boolean> updateBatch(@RequestBody List<WFProcessDefinitionDTO> wfprocessdefinitiondtos) {
@@ -94,7 +94,7 @@ public class WFProcessDefinitionResource {
 
 
 
-    @PreAuthorize("hasPermission(#wfprocessdefinition_id,'READ',this.getEntity())")
+    @PreAuthorize("hasPermission(#wfprocessdefinition_id,'Get',this.getEntity())")
     @ApiOperation(value = "Get", tags = {"WFProcessDefinition" },  notes = "Get")
 	@RequestMapping(method = RequestMethod.GET, value = "/wfprocessdefinitions/{wfprocessdefinition_id}")
     public ResponseEntity<WFProcessDefinitionDTO> get(@PathVariable("wfprocessdefinition_id") String wfprocessdefinition_id) {
@@ -124,7 +124,7 @@ public class WFProcessDefinitionResource {
 
 
 
-    @PreAuthorize("hasPermission('','CREATE',this.getEntity())")
+    @PreAuthorize("hasPermission('','Create',this.getEntity())")
     @ApiOperation(value = "Create", tags = {"WFProcessDefinition" },  notes = "Create")
 	@RequestMapping(method = RequestMethod.POST, value = "/wfprocessdefinitions")
     @Transactional
@@ -135,7 +135,7 @@ public class WFProcessDefinitionResource {
 		return ResponseEntity.status(HttpStatus.OK).body(dto);
     }
 
-    @PreAuthorize("hasPermission('','CREATE',this.getEntity())")
+    @PreAuthorize("hasPermission('','Create',this.getEntity())")
     @ApiOperation(value = "createBatch", tags = {"createBatch" },  notes = "createBatch")
 	@RequestMapping(method = RequestMethod.POST, value = "/wfprocessdefinitions/createbatch")
     public ResponseEntity<Boolean> createBatch(@RequestBody List<WFProcessDefinitionDTO> wfprocessdefinitiondtos) {
@@ -146,7 +146,7 @@ public class WFProcessDefinitionResource {
 
 
 
-    @PreAuthorize("hasPermission('DELETE',{#wfprocessdefinition_id,this.getEntity()})")
+    @PreAuthorize("hasPermission('Remove',{#wfprocessdefinition_id,this.getEntity()})")
     @ApiOperation(value = "Remove", tags = {"WFProcessDefinition" },  notes = "Remove")
 	@RequestMapping(method = RequestMethod.DELETE, value = "/wfprocessdefinitions/{wfprocessdefinition_id}")
     @Transactional
@@ -161,7 +161,7 @@ public class WFProcessDefinitionResource {
         return  ResponseEntity.status(HttpStatus.OK).body(true);
     }
 
-    @PreAuthorize("hasPermission('READ',{#context,'Default',this.getEntity()})")
+    @PreAuthorize("hasPermission('Get',{#context,'Default',this.getEntity()})")
 	@ApiOperation(value = "fetchDEFAULT", tags = {"WFProcessDefinition" } ,notes = "fetchDEFAULT")
     @RequestMapping(method= RequestMethod.GET , value="/wfprocessdefinitions/fetchdefault")
 	public ResponseEntity<List<WFProcessDefinitionDTO>> fetchDefault(WFProcessDefinitionSearchContext context) {
@@ -174,7 +174,7 @@ public class WFProcessDefinitionResource {
                 .body(list);
 	}
 
-    @PreAuthorize("hasPermission('READ',{#context,'Default',this.getEntity()})")
+    @PreAuthorize("hasPermission('Get',{#context,'Default',this.getEntity()})")
 	@ApiOperation(value = "searchDEFAULT", tags = {"WFProcessDefinition" } ,notes = "searchDEFAULT")
     @RequestMapping(method= RequestMethod.GET , value="/wfprocessdefinitions/searchdefault")
 	public ResponseEntity<Page<WFProcessDefinitionDTO>> searchDefault(WFProcessDefinitionSearchContext context) {

ibzwf-provider/ibzwf-provider-api/src/main/java/cn/ibizlab/api/rest/WFSystemResource.java

@@ -55,7 +55,7 @@ public class WFSystemResource {
 
 
 
-    @PreAuthorize("hasPermission('DELETE',{#wfsystem_id,this.getEntity()})")
+    @PreAuthorize("hasPermission('Remove',{#wfsystem_id,this.getEntity()})")
     @ApiOperation(value = "Remove", tags = {"WFSystem" },  notes = "Remove")
 	@RequestMapping(method = RequestMethod.DELETE, value = "/wfsystems/{wfsystem_id}")
     @Transactional
@@ -73,7 +73,7 @@ public class WFSystemResource {
 
 
 
-    @PreAuthorize("hasPermission(#wfsystem_id,'UPDATE',this.getEntity())")
+    @PreAuthorize("hasPermission(#wfsystem_id,'Update',this.getEntity())")
     @ApiOperation(value = "Update", tags = {"WFSystem" },  notes = "Update")
 	@RequestMapping(method = RequestMethod.PUT, value = "/wfsystems/{wfsystem_id}")
     @Transactional
@@ -85,7 +85,7 @@ public class WFSystemResource {
         return ResponseEntity.status(HttpStatus.OK).body(dto);
     }
 
-    @PreAuthorize("hasPermission(#wfsystem_id,'UPDATE',this.getEntity())")
+    @PreAuthorize("hasPermission(#wfsystem_id,'Update',this.getEntity())")
     @ApiOperation(value = "UpdateBatch", tags = {"UpdateBatch" },  notes = "UpdateBatch")
 	@RequestMapping(method = RequestMethod.POST, value = "/wfsystems/updatebatch")
     public ResponseEntity<Boolean> updateBatch(@RequestBody List<WFSystemDTO> wfsystemdtos) {
@@ -121,7 +121,7 @@ public class WFSystemResource {
 
 
 
-    @PreAuthorize("hasPermission('','CREATE',this.getEntity())")
+    @PreAuthorize("hasPermission('','Create',this.getEntity())")
     @ApiOperation(value = "Create", tags = {"WFSystem" },  notes = "Create")
 	@RequestMapping(method = RequestMethod.POST, value = "/wfsystems")
     @Transactional
@@ -132,7 +132,7 @@ public class WFSystemResource {
 		return ResponseEntity.status(HttpStatus.OK).body(dto);
     }
 
-    @PreAuthorize("hasPermission('','CREATE',this.getEntity())")
+    @PreAuthorize("hasPermission('','Create',this.getEntity())")
     @ApiOperation(value = "createBatch", tags = {"createBatch" },  notes = "createBatch")
 	@RequestMapping(method = RequestMethod.POST, value = "/wfsystems/createbatch")
     public ResponseEntity<Boolean> createBatch(@RequestBody List<WFSystemDTO> wfsystemdtos) {
@@ -152,7 +152,7 @@ public class WFSystemResource {
 
 
 
-    @PreAuthorize("hasPermission(#wfsystem_id,'READ',this.getEntity())")
+    @PreAuthorize("hasPermission(#wfsystem_id,'Get',this.getEntity())")
     @ApiOperation(value = "Get", tags = {"WFSystem" },  notes = "Get")
 	@RequestMapping(method = RequestMethod.GET, value = "/wfsystems/{wfsystem_id}")
     public ResponseEntity<WFSystemDTO> get(@PathVariable("wfsystem_id") String wfsystem_id) {
@@ -161,7 +161,7 @@ public class WFSystemResource {
         return ResponseEntity.status(HttpStatus.OK).body(dto);
     }
 
-    @PreAuthorize("hasPermission('READ',{#context,'Default',this.getEntity()})")
+    @PreAuthorize("hasPermission('Get',{#context,'Default',this.getEntity()})")
 	@ApiOperation(value = "fetchDEFAULT", tags = {"WFSystem" } ,notes = "fetchDEFAULT")
     @RequestMapping(method= RequestMethod.GET , value="/wfsystems/fetchdefault")
 	public ResponseEntity<List<WFSystemDTO>> fetchDefault(WFSystemSearchContext context) {
@@ -174,7 +174,7 @@ public class WFSystemResource {
                 .body(list);
 	}
 
-    @PreAuthorize("hasPermission('READ',{#context,'Default',this.getEntity()})")
+    @PreAuthorize("hasPermission('Get',{#context,'Default',this.getEntity()})")
 	@ApiOperation(value = "searchDEFAULT", tags = {"WFSystem" } ,notes = "searchDEFAULT")
     @RequestMapping(method= RequestMethod.GET , value="/wfsystems/searchdefault")
 	public ResponseEntity<Page<WFSystemDTO>> searchDefault(WFSystemSearchContext context) {

ibzwf-provider/ibzwf-provider-api/src/main/java/cn/ibizlab/api/rest/WFUserResource.java

@@ -55,7 +55,7 @@ public class WFUserResource {
 
 
 
-    @PreAuthorize("hasPermission('DELETE',{#wfuser_id,this.getEntity()})")
+    @PreAuthorize("hasPermission('Remove',{#wfuser_id,this.getEntity()})")
     @ApiOperation(value = "Remove", tags = {"WFUser" },  notes = "Remove")
 	@RequestMapping(method = RequestMethod.DELETE, value = "/wfusers/{wfuser_id}")
     @Transactional
@@ -98,7 +98,7 @@ public class WFUserResource {
 
 
 
-    @PreAuthorize("hasPermission(#wfuser_id,'UPDATE',this.getEntity())")
+    @PreAuthorize("hasPermission(#wfuser_id,'Update',this.getEntity())")
     @ApiOperation(value = "Update", tags = {"WFUser" },  notes = "Update")
 	@RequestMapping(method = RequestMethod.PUT, value = "/wfusers/{wfuser_id}")
     @Transactional
@@ -110,7 +110,7 @@ public class WFUserResource {
         return ResponseEntity.status(HttpStatus.OK).body(dto);
     }
 
-    @PreAuthorize("hasPermission(#wfuser_id,'UPDATE',this.getEntity())")
+    @PreAuthorize("hasPermission(#wfuser_id,'Update',this.getEntity())")
     @ApiOperation(value = "UpdateBatch", tags = {"UpdateBatch" },  notes = "UpdateBatch")
 	@RequestMapping(method = RequestMethod.POST, value = "/wfusers/updatebatch")
     public ResponseEntity<Boolean> updateBatch(@RequestBody List<WFUserDTO> wfuserdtos) {
@@ -121,7 +121,7 @@ public class WFUserResource {
 
 
 
-    @PreAuthorize("hasPermission(#wfuser_id,'READ',this.getEntity())")
+    @PreAuthorize("hasPermission(#wfuser_id,'Get',this.getEntity())")
     @ApiOperation(value = "Get", tags = {"WFUser" },  notes = "Get")
 	@RequestMapping(method = RequestMethod.GET, value = "/wfusers/{wfuser_id}")
     public ResponseEntity<WFUserDTO> get(@PathVariable("wfuser_id") String wfuser_id) {
@@ -133,7 +133,7 @@ public class WFUserResource {
 
 
 
-    @PreAuthorize("hasPermission('','CREATE',this.getEntity())")
+    @PreAuthorize("hasPermission('','Create',this.getEntity())")
     @ApiOperation(value = "Create", tags = {"WFUser" },  notes = "Create")
 	@RequestMapping(method = RequestMethod.POST, value = "/wfusers")
     @Transactional
@@ -144,7 +144,7 @@ public class WFUserResource {
 		return ResponseEntity.status(HttpStatus.OK).body(dto);
     }
 
-    @PreAuthorize("hasPermission('','CREATE',this.getEntity())")
+    @PreAuthorize("hasPermission('','Create',this.getEntity())")
     @ApiOperation(value = "createBatch", tags = {"createBatch" },  notes = "createBatch")
 	@RequestMapping(method = RequestMethod.POST, value = "/wfusers/createbatch")
     public ResponseEntity<Boolean> createBatch(@RequestBody List<WFUserDTO> wfuserdtos) {
@@ -161,7 +161,7 @@ public class WFUserResource {
         return  ResponseEntity.status(HttpStatus.OK).body(wfuserService.checkKey(wfuserMapping.toDomain(wfuserdto)));
     }
 
-    @PreAuthorize("hasPermission('READ',{#context,'Default',this.getEntity()})")
+    @PreAuthorize("hasPermission('Get',{#context,'Default',this.getEntity()})")
 	@ApiOperation(value = "fetchDEFAULT", tags = {"WFUser" } ,notes = "fetchDEFAULT")
     @RequestMapping(method= RequestMethod.GET , value="/wfusers/fetchdefault")
 	public ResponseEntity<List<WFUserDTO>> fetchDefault(WFUserSearchContext context) {
@@ -174,7 +174,7 @@ public class WFUserResource {
                 .body(list);
 	}
 
-    @PreAuthorize("hasPermission('READ',{#context,'Default',this.getEntity()})")
+    @PreAuthorize("hasPermission('Get',{#context,'Default',this.getEntity()})")
 	@ApiOperation(value = "searchDEFAULT", tags = {"WFUser" } ,notes = "searchDEFAULT")
     @RequestMapping(method= RequestMethod.GET , value="/wfusers/searchdefault")
 	public ResponseEntity<Page<WFUserDTO>> searchDefault(WFUserSearchContext context) {

ibzwf-provider/ibzwf-provider-api/src/main/resources/application-api-dev.yml

 server:
-  port: 8081
+  port: 40003
\ No newline at end of file

ibzwf-provider/ibzwf-provider-api/src/main/resources/application-api-prod.yml

 server:
-  port: 8081
+  port: 40003

ibzwf-util/src/main/java/cn/ibizlab/util/job/PermissionSyncJob.java

@@ -36,14 +36,13 @@ public class PermissionSyncJob implements ApplicationRunner {
     private String systemId;
 
     @Override
-    public void run(ApplicationArguments args) throws Exception {
+    public void run(ApplicationArguments args) {
         if(enablePermissionValid){
             try {
                 InputStream permission= this.getClass().getResourceAsStream("/deprivs/DEPrivs.json"); //获取当前系统所有实体资源能力
                 String permissionResult = IOUtils.toString(permission,"UTF-8");
-                JSONArray jsonNodePermission = JSONArray.parseArray(permissionResult);
-                Map<String,Object> map=new HashMap<String,Object>();
-                map.put("menu",new JSONArray());
+                JSONObject jsonNodePermission = JSONObject.parseObject(permissionResult);
+                Map<String,Object> map=new HashMap<>();
                 map.put("permission",jsonNodePermission);
                 client.pushSystemPermissionData(map,systemId);
             }

ibzwf-util/src/main/java/cn/ibizlab/util/security/AuthPermissionEvaluator.java

@@ -31,6 +31,14 @@ public class AuthPermissionEvaluator implements PermissionEvaluator {
 
     @Value("${ibiz.enablePermissionValid:false}")
     boolean enablePermissionValid;  //是否开启权限校验
+    /**
+     * 实体行为操作标识
+     */
+    private String DEActionType="DEACTION";
+    /**
+     * 实体数据集操作标识
+     */
+    private String DataSetTag="DATASET";
 
     /**
      * 表格权限检查 ：用于检查当前用户是否拥有表格数据的读取、删除权限
@@ -68,10 +76,10 @@ public class AuthPermissionEvaluator implements PermissionEvaluator {
             String entityName = entity.getClass().getSimpleName();
 
             //获取实体行为权限信息
-            JSONObject permissionList=userPermission.getJSONObject("deActionPermission");
+            JSONObject permissionList=userPermission.getJSONObject("userPermissionList");
 
             //检查是否有操作权限[create.update.delete.read]
-            if(!validHasPermission(permissionList,entityName,action)){
+            if(!validDEActionHasPermission(permissionList,entityName,action)){
                 return false;
             }
             //检查是否有数据权限[单行删除]
@@ -86,23 +94,23 @@ public class AuthPermissionEvaluator implements PermissionEvaluator {
         else{   //grid fetch
             //准备参数
             Object searchContext=gridParamList.get(0);
-            String dataSet=String.valueOf(gridParamList.get(1));
+            String dataSetName=String.valueOf(gridParamList.get(1));
             EntityBase entity = (EntityBase) gridParamList.get(2);
             String entityName = entity.getClass().getSimpleName();
 
             //获取数据集权限信息
-            JSONObject permissionList=userPermission.getJSONObject("deDataSetPermission");
+            JSONObject permissionList=userPermission.getJSONObject("userPermissionList");
 
-            if(StringUtils.isEmpty(entityName)|| StringUtils.isEmpty(dataSet)|| StringUtils.isEmpty(action))
+            if(StringUtils.isEmpty(entityName)|| StringUtils.isEmpty(dataSetName)|| StringUtils.isEmpty(action))
                 return false;
 
-            //检查是否有操作权限[create.update.delete.read]
-            if(!validHasPermission(permissionList,entityName,dataSet,action)){
+            //检查是否有访问数据集的权限
+            if(!validDataSetHasPermission(permissionList,entityName,dataSetName)){
                 return false;
             }
 
             Map<String,String> permissionField=getPermissionField(entity);//获取组织、部门预置属性
-            String permissionSQL=getPermissionSQLByList(permissionList,entityName,action,dataSet,permissionField);//获取权限SQL
+            String permissionSQL=getPermissionSQLByList(permissionList,entityName,action,dataSetName,permissionField);//获取权限SQL
             if(StringUtils.isEmpty(permissionSQL))
                 return false;
             fillPermissionSQL(searchContext,permissionSQL);//将权限SQL添加到searchContext中，过滤出权限内数据
@@ -134,11 +142,11 @@ public class AuthPermissionEvaluator implements PermissionEvaluator {
             return false;
 
         JSONObject userPermission= AuthenticationUser.getAuthenticationUser().getPermisionList();
-        JSONObject permissionList=userPermission.getJSONObject("deActionPermission");
+        JSONObject permissionList=userPermission.getJSONObject("userPermissionList");
         String entityName = entity.getClass().getSimpleName();
 
         if(action.equals("CREATE")){
-            return validHasPermission(permissionList,entityName,action);
+            return validDEActionHasPermission(permissionList,entityName,action);
         }
         else{
             //拥有全部数据访问权限时，则跳过权限检查
@@ -146,7 +154,7 @@ public class AuthPermissionEvaluator implements PermissionEvaluator {
                 return true;
             }
             //检查是否有操作权限[create.update.delete.read]
-            if(!validHasPermission(permissionList,entityName,action)){
+            if(!validDEActionHasPermission(permissionList,entityName,action)){
                 return false;
             }
             //检查是否有数据权限
@@ -155,7 +163,6 @@ public class AuthPermissionEvaluator implements PermissionEvaluator {
             String permissionSQL=getPermissionSQLById(permissionList,entityName,action,srfKey,permissionField);//获取权限SQL
             if(StringUtils.isEmpty(permissionSQL))
                 return false;
-
             QueryWrapper permissionWrapper=getPermissionWrapper(permissionSQL);//构造权限条件
             return testDataAccess(service,permissionWrapper);//执行权限检查
         }
@@ -193,11 +200,11 @@ public class AuthPermissionEvaluator implements PermissionEvaluator {
     private String  getPermissionSQLByList(JSONObject gridDataAbility, String entityName, String action, String dataSetName, Map<String,String> permissionField){
 
         JSONObject entity=gridDataAbility.getJSONObject(entityName);//获取实体
-        JSONObject dataSet=entity.getJSONObject(dataSetName);//获取实体数据集
-        JSONArray opprivList=dataSet.getJSONArray(action);//行为：read；insert...
-        if(opprivList.size()==0)
+        JSONObject permissionType=entity.getJSONObject(DataSetTag);
+        JSONArray dataRange=permissionType.getJSONArray(dataSetName);//获取实体数据集
+        if(dataRange.size()==0)
             return null;
-        return getPermissionSQL(opprivList,permissionField); //拼接权限条件-查询
+        return getPermissionSQL(dataRange,permissionField); //拼接权限条件-查询
     }
 
     /**
@@ -215,53 +222,59 @@ public class AuthPermissionEvaluator implements PermissionEvaluator {
     }
 
     /**
-     * 校验是否有访问实体行为能力
-     * @param permissionList 权限列表
-     * @param entityName    实体名称
-     * @param action        操作行为
+     * 实体行为权限校验
+     * @param userPermission
+     * @param entityName
+     * @param action
+     * userPermission:{"ENTITY":{"DEACTION":{"READ":["CURORG"]},"DATASET":{"Default":["CURORG"]}}}
      * @return
      */
-    private boolean validHasPermission(JSONObject permissionList, String entityName, String action){
+    private boolean validDEActionHasPermission(JSONObject userPermission,String entityName , String action ){
 
         boolean hasPermission=false;
-        if(permissionList==null)
+        if(userPermission==null)
             return false;
-        if(!permissionList.containsKey(entityName))
+        if(!userPermission.containsKey(entityName))
             return false;
-        JSONObject entity=permissionList.getJSONObject(entityName);
-        if(entity.containsKey(action)){
+        JSONObject entity=userPermission.getJSONObject(entityName);//获取实体
+        if(!entity.containsKey(DEActionType))
+            return false;
+        JSONObject dataRange=entity.getJSONObject(DEActionType);//获取实体行为对应的数据范围
+        if(dataRange.containsKey(action)){
             hasPermission=true;
         }
-            return hasPermission;
+        return hasPermission;
     }
 
 
     /**
-     * 校验是否有访问数据集能力
-     * @param permissionList
+     * 数据集合权限校验
+     * @param userPermission
      * @param entityName
      * @param dataSetName
-     * @param action
+     * userPermission:{"ENTITY":{"DEACTION":{"READ":["CURORG"]},"DATASET":{"Default":["CURORG"]}}}
      * @return
      */
-    private boolean validHasPermission(JSONObject permissionList, String entityName, String dataSetName, String action ){
+    private boolean validDataSetHasPermission(JSONObject userPermission,String entityName ,String dataSetName){
 
         boolean hasPermission=false;
-        if(permissionList==null)
+        if(userPermission==null)
             return false;
-        if(!permissionList.containsKey(entityName))
+        if(!userPermission.containsKey(entityName))
             return false;
-        JSONObject entity=permissionList.getJSONObject(entityName);
-        if(!entity.containsKey(dataSetName))
+        JSONObject entity=userPermission.getJSONObject(entityName);//获取实体
+        if(!entity.containsKey(DataSetTag))
             return false;
-        JSONObject dataSet=entity.getJSONObject(dataSetName);//获取实体数据集
-        if(dataSet.containsKey(action)){
+        JSONObject dataSetList=entity.getJSONObject(DataSetTag);//获取数据集
+        if(!dataSetList.containsKey(dataSetName))
+            return false;
+        JSONArray dataRange=dataSetList.getJSONArray(dataSetName);//获取数据范围
+        if(dataRange!=null && dataRange.size()>0){
             hasPermission=true;
         }
         return hasPermission;
     }
 
-
     /**
      * 获取单条权限数据SQL
      * @param formDataAbility
@@ -274,7 +287,8 @@ public class AuthPermissionEvaluator implements PermissionEvaluator {
     private String getPermissionSQLById(JSONObject formDataAbility, String entityName, String action, Object srfKey, Map<String,String> permissionField){
 
         JSONObject entity=formDataAbility.getJSONObject(entityName);//获取实体
-        JSONArray opprivList=entity.getJSONArray(action);//行为：read；insert...
+        JSONObject permissionType= entity.getJSONObject(DEActionType);
+        JSONArray opprivList=permissionType.getJSONArray(action);//行为：read；insert...
         if(opprivList.size()==0)
             return null;
         String permissionSQL=getPermissionSQL(opprivList,permissionField);
@@ -286,7 +300,6 @@ public class AuthPermissionEvaluator implements PermissionEvaluator {
         return String.format(" (%s) AND (%s='%s')",permissionSQL,keyField,srfKey); //拼接权限条件-编辑
     }
 
-
     /**
      * 表单权限检查
      * @param service
@@ -302,7 +315,6 @@ public class AuthPermissionEvaluator implements PermissionEvaluator {
         return isPermission;
     }
 
-
     /**
      * 获取权限SQL
      * @param oppriList
@@ -430,7 +442,6 @@ public class AuthPermissionEvaluator implements PermissionEvaluator {
 
     /**
      * 转换[a,b]格式字符串到 'a','b'格式
-     *
      * @return
      */
     private String formatStringArr(JSONArray array) {
@@ -441,7 +452,6 @@ public class AuthPermissionEvaluator implements PermissionEvaluator {
 
     /**
      * 格式转换
-     *
      * @param cond
      * @param operator
      * @return